package com.jlkf.controller;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.jlkf.pojo.TblRole;
import com.jlkf.pojo.TblSysUser;

public class AuthorityInterceptor implements Filter {

	@Override
	public void destroy() {

	}

	@Override
	public void doFilter(ServletRequest arg0, ServletResponse arg1,
			FilterChain arg2) throws IOException, ServletException {

		/* try { */
		HttpServletRequest request = (HttpServletRequest) arg0;
		HttpServletResponse response = (HttpServletResponse) arg1;
		String url = request.getRequestURI();
		String rep = url.replaceAll("/hqsm-oa/", "");
		System.out.println(request.getSession().getAttribute("sysUser"));
		TblSysUser manager = (TblSysUser) request.getSession().getAttribute("sysUser");
		String[] arr = rep.split("/");
		if (arr[0].contains(".jsp")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (arr[0].equals("js")) {
			arg2.doFilter(arg0, arg1);
			return;
		}
		if (rep.contains("role/loginUser")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("role/loginout")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("updatePassword.jsp")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("sysUser/updatePwd")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("assets")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("bootstrap-3.3.7-dist")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("bootstrap-fileinput")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("bootstrap-switch-master")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("bootstrap-table")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("css")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("img")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("layer")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("source")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("umeditor")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("public")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("code")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("common")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("selectpp")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("all")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if ("upload/photoImg".contains(rep)) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("static")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("lib")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("images")) {
			arg2.doFilter(arg0, arg1);
			return;
		} else if (rep.contains("image")) {
			arg2.doFilter(arg0, arg1);
			return;
		}

		if (manager == null) {
			response.getWriter().write("<script>window.top.location.href=\"../login.jsp\";</script>");
		} else {
			TblRole role = (TblRole) request.getSession().getAttribute("r");
			if (role != null) {
				String names = role.getgContent();
				if (names.contains(rep)) {
					arg2.doFilter(arg0, arg1);
					return;
				}
			} else {
				arg2.doFilter(arg0, arg1);
				return;
			}
		}

		 //获取当前请求的路径
        String basePath = request.getScheme() + "://" + request.getServerName() + ":"  + request.getServerPort()+request.getContextPath();
        //如果request.getHeader("X-Requested-With") 返回的是"XMLHttpRequest"说明就是ajax请求，需要特殊处理
        if("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))){
            //告诉ajax我是重定向
            response.setHeader("REDIRECT", "REDIRECT");
            //告诉ajax我重定向的路径
            response.setHeader("CONTENTPATH", basePath+"/login.jsp");
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        }else{
        	StringBuilder sb = new StringBuilder();
    		sb.append(" <!DOCTYPE html> <html>");
    		sb.append("<head>");
    		sb.append("<body>");
    		sb.append("<h2   style=position: absolute; top: 50%;left: 50%;transform: translate(-50%,-50%);font-size: 34px;text-align: center;> 权限不足,无法进行此操作！</h2>");
    		sb.append("</body>");
    		sb.append("</head>");
    		sb.append("</html>");
    		response.getWriter().write(sb.toString());
        }
		/*
		 * } catch (Exception e) {
		 * 
		 * }
		 */

	}

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {

	}

}
